package com.hhss.qishi.config.security;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;

import java.io.Serializable;

/**
 * @Author zhangchengcheng
 * @Date now()
 */
@Configuration
public class CustomizePrimissionEvaluator implements PermissionEvaluator {

	@Override
	public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
		boolean accessable = false;
		if(authentication.getPrincipal().toString().compareToIgnoreCase("anonymousUser") != 0){
			String privilege = targetDomainObject + "-" + permission;
			for(GrantedAuthority authority : authentication.getAuthorities()){
				if(privilege.equalsIgnoreCase(authority.getAuthority())){
					accessable = true;
					break;
				}
			}
		}
		return accessable;
	}

	@Override
	public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
		return false;
	}
}
